IT and technology management consultant for SMEs Damian Kiernander outlines nine simple steps you could follow to secure your devices and protect your business online.
I’m afraid my first piece of advice is ‘don’t allow employees to use their own devices for work!’ The problem is that from an IT/security point of view we can’t know what that computer has been used for in the past and what nasties are on there. However, in the current coronavirus climate it is a case of needs must. Here is a checklist all founders and their teams can adhere to:
- Do not install a VPN which has access to the company network on a home computer. If the user needs files stored on a company server a colleague with access will need to forward these over. A VPN is a backdoor into the corporate network and should only be used on a company issued laptop that has been appropriately secured.
- Ensure the PC is running a currently supported Operating System – Windows 10 (check the current Window 11 build is supported) or MacOS 10.15+ which has run all updates. Make sure auto-update is enabled.
- Ensure all software and applications are up to date.
- Enable full disk encryption if it is available. This will require you to enable BitLocker on Windows 11 Pro (this isn’t available on Windows 10 Home) or FileVault on MacOS. The reason for this is to help protect any sensitive and personal data stored on there. Ensure you have strong passwords for all computer logins.
- Install an anti-virus/anti-malware product, even on a Mac. Run a full scan before logging into any corporate email, file sharing or collaboration apps.
- Use web-based access to corporate data where possible – Office 365 Outlook on the Web, OneDrive, Sharepoint and Teams can all be run via a web browser. This reduces load on the home computer which may not be as capable as a company issued one, and also keeps IT support relatively straight-forward, not having to configure/support Outlook etc.
- Create a new user profile on the home PC/Mac specifically for work and set it as “standard”, not an “admin” user. This stops the user installing software that shouldn’t be on there and more importantly helps to stop unwanted software being installed/run without the user’s knowledge.
- Only use known or owned wireless networks. Free Wifi networks can be operated by criminals who can intercept and steal data on that network.
- Be extra careful when clicking on links in emails. The advice that should be adhered to for avoiding phishing attacks should be applied to anything you receive regarding Covid-19 sites or maps. If in doubt go directly to the sites of recognised bodies instead of clicking on links received in emails, SMS or WhatsApp messages etc.
This article was written by an independent third party and the views contained within are not necessarily the views of Barclays. This article is designed to help you with your independent research and business decisions. This page contains [link(s) to third party websites and resources that we (Barclays) are not providing or recommending to you. The information contained in this article is correct at the time of publishing. We recommend that you carry out your own independent research before you make any decisions that will impact your business.
Barclays (including its employees, Directors and agents) accepts no responsibility and shall have no liability in contract, tort or otherwise to any person in connection with this content or the use of or reliance on any information or data set out in this content unless it expressly agrees otherwise in writing. It does not constitute an offer to sell or buy any security, investment, financial product or service and does not constitute investment, professional, legal or tax advice, or a recommendation with respect to any securities or financial instruments.
The information, statements and opinions contained on this page are of a general nature only and do not take into account your individual circumstances including any laws, policies, procedures or practices you, or your employer or businesses may have or be subject to. Although the statements of fact on this page have been obtained from and are based upon sources that Barclays believes to be reliable, Barclays does not guarantee their accuracy or completeness.